CVE-2004-0580

Linksys - Info Disclosure

Title source: llm

Description

DHCP on Linksys BEFSR11, BEFSR41, BEFSR81, and BEFSRU31 Cable/DSL Routers, firmware version 1.45.7, does not properly clear previously used buffer contents in a BOOTP reply packet, which allows remote attackers to obtain sensitive information.

Exploits (1)

exploitdb WORKING POC VERIFIED

by Jon Hart · cremotehardware

https://www.exploit-db.com/exploits/24115

View Code ZIP pw:eip

References (7)

[Various Sources] http://linksys.custhelp.com/cgi-bin/linksys.cfg/php/enduser/std_adp.php?p_faqid=832&p_%20%5Ccreated=1086294093&p_sid=pU1X1idh&p_lva=&p_sp=cF9zcmNoPSZwX3NvcnRfYnk9JnBfZ3JpZHNvcnQ9%20%5CJnBfcm93X2NudD02NTQmcF9wYWdlPTE%2A&p_li=

[Third Party Advisory, VDB Entry] https://exchange.xforce.ibmcloud.com/vulnerabilities/16142

[Third Party Advisory] http://secunia.com/advisories/11606

[Third Party Advisory, VDB Entry] http://www.osvdb.org/6325

[Third Party Advisory, VDB Entry] http://securitytracker.com/alerts/2004/May/1010288.html

[Mailing List] http://marc.info/?l=bugtraq&m=108662876129301&w=2

[Exploit, Vendor Advisory] http://www.securityfocus.com/bid/10329

Scores

EPSS 0.0765

EPSS Percentile 91.9%

Details

Status published

Products (50)

linksys/befcmu10

linksys/befn2ps4

linksys/befn2ps4 1.42.7

linksys/befsr11 1.40.2

linksys/befsr11 1.41

linksys/befsr11 1.42.3

linksys/befsr11 1.42.7

linksys/befsr11 1.43

linksys/befsr11 1.43.3

linksys/befsr11 1.44

... and 40 more

Published Aug 06, 2004

Tracked Since Feb 18, 2026